On Thu, 21 Feb 2008, Perry E. Metzger wrote: > > "Ali, Saqib" <[EMAIL PROTECTED]> writes: > > This methods requires the computer to be "recently" turned-on and unlocked. > > No, it just requires that the computer was recently turned on. It need > not have been "unlocked" -- it jut needed to have keying material in RAM.
Indeed. Given the recent discussions of border searches of laptops, I wouldn't be surprised to see this technique used against locked laptops in suspended mode. The idea that data in RAM doesn't automatically disappear the instant the computer is powered off isn't the really interesting thing in this paper, though, at least for me. I'm more intrigued by the error-correction techniques they use to apparently recover AES keys that have degraded by up to 10% of their bits. It would be nice if the authors released their tools so that other researchers can build on this. --Len. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]